Big Company — always safe on the inside. Everyone was worried about the zombie apocalypse, except for the Big Company employees. The walls of Big Company were tall and strong, keeping out the undead horde. Everyone was safe and sound until Frank had a heart attack in the break room. After that, the zombies were inside.
Any fan of zombie stories should know the trope. There’s a zombie apocalypse, but a group of people finds safety in a walled town. Someone inside the town has a fatal accident, and then the zombies proliferate from the inside. This scenario plays out every day in information security. In InfoSec terms, we call it lateral movement.
Any endpoint inside your networks can, at any time, turn into an infectious killer zombie. Even worse, the zombies are intelligent, remotely controlled by adversaries that want to drain every last cent out of your company’s coffers. One compromised computer becomes two. Two become four, and so on. One morning when everyone comes into work, all the computers have been compromised and the company has to halt operations. Not a happy day.
Firewalls and virus scanners are perimeter security — they are the walls. If you want to stay safe, do not depend only on your firewalls and virus scanners. Don’t depend on the walls alone. Once one computer has been compromised, it can be game over.
Facebook — Ridgeback Secure
Twitter — @RidgebackSecure
LinkedIn — Ridgeback Network Defense